Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/JMvzuj7TabENncCSzpTdtk1E86k.roa
File: JMvzuj7TabENncCSzpTdtk1E86k.roa (raw, json)
Hash identifier: UrLP60Ea94nONn35mFwWgGGvHddzGY3pgrLlX2RqTuA=
Subject key identifier: 24:CB:F3:BA:3E:D3:69:B1:0D:9D:C0:92:CE:94:DD:B6:4D:44:F3:A9
Certificate issuer: /CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
Certificate serial: 018CC5DC237B6F11BCF1E9B7A225EB0C6C01
Authority key identifier: 21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/JMvzuj7TabENncCSzpTdtk1E86k.roa
Signing time: Mon 01 Jan 2024 16:29:47 +0000
ROA not before: Mon 01 Jan 2024 16:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51569
IP address blocks: 83.139.202.0/23 maxlen: 24
83.139.212.0/22 maxlen: 24
83.139.216.0/22 maxlen: 24
85.31.160.0/21 maxlen: 24
83.139.220.0/23 maxlen: 24
83.139.224.0/20 maxlen: 24
83.139.244.0/23 maxlen: 24
83.139.242.0/23 maxlen: 24
45.132.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/IcOUybOja2n57l-JNqL1G5XqzrQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/IcOUybOja2n57l-JNqL1G5XqzrQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:23:7b:6f:11:bc:f1:e9:b7:a2:25:eb:0c:6c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24cbf3ba3ed369b10d9dc092ce94ddb64d44f3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8c:a3:87:66:c4:1f:38:db:fc:01:b3:45:2a:
2f:43:64:06:d6:53:80:ce:86:14:7c:5c:75:8d:d7:
58:af:bd:7c:0e:84:5f:55:f4:71:ed:fa:bb:f3:2d:
dc:65:5a:62:9b:d6:47:7c:63:ad:ce:6f:fb:67:07:
cc:9e:b4:33:4b:85:d5:11:b8:24:bb:3e:ab:16:79:
0e:44:0c:fb:bb:28:2c:8a:56:fc:80:8f:6b:1d:c0:
36:b0:c2:bc:a6:6b:d1:99:2b:ef:b7:60:be:f3:24:
43:ee:c7:a6:f0:aa:3b:e6:23:9c:d7:99:47:5c:a9:
e8:64:66:af:a7:44:a6:4d:27:79:ad:c2:d1:9e:76:
41:dc:eb:c4:23:6b:ca:50:d5:9d:81:0a:df:f3:ab:
3b:b4:0f:e2:cd:2e:30:91:49:96:d6:78:63:18:bc:
5d:b2:cd:65:ad:38:50:40:b8:fd:f3:97:e0:fe:85:
3e:e8:a4:4e:3c:a1:f8:78:aa:d9:75:f9:41:e8:f9:
ea:4c:f2:49:59:bf:58:09:21:57:db:8a:7e:2e:5c:
1c:6f:af:79:fb:1a:e4:a0:fe:83:fe:93:3b:56:4b:
4c:02:05:12:ee:45:8c:5c:f9:95:ae:95:d5:57:bc:
8a:98:c0:95:dc:8a:08:2c:a7:98:b0:1c:f0:73:b2:
e3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:CB:F3:BA:3E:D3:69:B1:0D:9D:C0:92:CE:94:DD:B6:4D:44:F3:A9
X509v3 Authority Key Identifier:
keyid:21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/JMvzuj7TabENncCSzpTdtk1E86k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/IcOUybOja2n57l-JNqL1G5XqzrQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.208.0/22
83.139.202.0/23
83.139.212.0-83.139.221.255
83.139.224.0/20
83.139.242.0-83.139.245.255
85.31.160.0/21
Signature Algorithm: sha256WithRSAEncryption
50:88:d6:21:4e:81:06:5b:f0:9f:8d:2a:bd:69:5e:19:2c:3b:
24:46:b3:9b:b7:d7:a2:c2:d1:75:5f:84:10:54:d3:1e:81:43:
e6:fc:1f:6d:4e:a1:f1:f1:00:04:c1:8b:3d:a6:61:9d:4b:8d:
d9:b9:19:8d:a6:0d:f1:b3:82:8e:a9:0f:a2:50:90:04:ba:65:
79:7e:16:14:ed:15:5c:be:73:10:02:ed:f7:1b:15:65:f7:f5:
99:ba:e5:5c:cb:4e:92:e7:fa:d7:d4:3d:5b:e8:02:46:99:e9:
45:ed:71:3d:0e:5b:0f:2e:b6:29:bc:95:9d:dd:ca:d0:68:3e:
78:56:03:20:08:16:63:10:e7:43:f7:37:d7:6b:49:0b:b7:f1:
5d:61:22:6a:89:2b:de:78:cc:8f:c5:61:f1:6c:7e:93:50:a5:
72:d1:33:6e:7b:63:c9:02:09:ee:47:6a:87:d4:42:00:9b:5f:
73:60:18:73:64:b9:6d:54:97:6a:01:40:61:8d:fc:4e:2e:56:
5e:2a:5b:06:ef:49:ba:8e:ea:ea:66:f8:5f:70:b5:c1:8f:44:
ee:26:9f:86:f0:a4:78:d7:de:2d:3d:c0:70:ce:e5:a8:a0:d4:
9e:ca:95:a6:3d:45:a7:2e:08:09:d0:00:c7:be:cd:f4:e0:f1:
73:63:84:f5
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzF3CN7bxG88em3oiXrDGwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYzM5NGM5YjNhMzZiNjlmOWVlNWY4OTM2YTJmNTFiOTVl
YWNlYjQwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGNiZjNiYTNlZDM2OWIxMGQ5ZGMwOTJjZTk0ZGRiNjRkNDRmM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4yjh2bEHzjb/AGzRSovQ2QG1lOA
zoYUfFx1jddYr718DoRfVfRx7fq78y3cZVpim9ZHfGOtzm/7ZwfMnrQzS4XVEbgk
uz6rFnkORAz7uygsilb8gI9rHcA2sMK8pmvRmSvvt2C+8yRD7sem8Ko75iOc15lH
XKnoZGavp0SmTSd5rcLRnnZB3OvEI2vKUNWdgQrf86s7tA/izS4wkUmW1nhjGLxd
ss1lrThQQLj985fg/oU+6KROPKH4eKrZdflB6PnqTPJJWb9YCSFX24p+Llwcb695
+xrkoP6D/pM7VktMAgUS7kWMXPmVrpXVV7yKmMCV3IoILKeYsBzwc7LjNQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCTL87o+02mxDZ3Aks6U3bZNRPOpMB8GA1UdIwQY
MBaAFCHDlMmzo2tp+e5fiTai9RuV6s60MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNPVXliT2phMm41N2wtSk5xTDFHNVhxenJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC82MWZhY2MtNjY5Zi00NDU2LTk2M2Yt
MWU0MzZkY2I4NWM1LzEvSk12enVqN1RhYkVObmNDU3pwVGR0azFFODZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC82MWZhY2MtNjY5Zi00NDU2LTk2M2YtMWU0MzZkY2I4NWM1
LzEvSWNPVXliT2phMm41N2wtSk5xTDFHNVhxenJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQCLYTQAwQB
U4vKMAwDBAJTi9QDBAFTi9wDBARTi+AwDAMEAVOL8gMEAVOL9AMEA1UfoDANBgkq
hkiG9w0BAQsFAAOCAQEAUIjWIU6BBlvwn40qvWleGSw7JEazm7fXosLRdV+EEFTT
HoFD5vwfbU6h8fEABMGLPaZhnUuN2bkZjaYN8bOCjqkPolCQBLpleX4WFO0VXL5z
EALt9xsVZff1mbrlXMtOkuf619Q9W+gCRpnpRe1xPQ5bDy62KbyVnd3K0Gg+eFYD
IAgWYxDnQ/c312tJC7fxXWEiaokr3njMj8Vh8Wx+k1ClctEzbntjyQIJ7kdqh9RC
AJtfc2AYc2S5bVSXagFAYY38Ti5WXipbBu9Juo7q6mb4X3C1wY9E7iafhvCkeNfe
LT3AcM7lqKDUnsqVpj1Fpy4ICdAAx77N9ODxc2OE9Q==
-----END CERTIFICATE-----
Generated at Wed May 22 23:31:18 2024 by rpki-client on console-ams.rpki-client.org